Posted by timothy on Thursday April 14, 2011 @05:48PM from the perhaps-you'd-like-to-try-the-duck dept.

ZerXes writes "It seems that APNIC has just released the last block of IPv4 addresses and are now completely out, a lot faster than expected. Even though APNIC received 3 /8 blocks in February the high growth of mobile devices made the addresses run out even before the summer. 'From this day onwards, IPv6 is mandatory for building new Internet networks and services,' says APNIC Director General Paul Wilson."

APNIC is NOT out of IPv4 addresses. They are down to their last /8 - the one they got as one of the final five /8s being allocated to each of the RIRs. This puts them in the third and final stage of their IPv4 exhaustion plan, whereby they will only allocate a maximum of a single /22 to each network operator which is supposed to be used primarily to enable a transition to IPv6 by supporting IPv4 to IPv6 gateways and hosts that just have to be on a native IPv4 address.

A /22 is pretty much nothing, so what you're saying is that an ISP looking for addresses can get pretty much nothing from APNIC. Thus, they're basically out.

A /22 is probably enough for a moderate-sized ISP to run NAT for all of their customers. Which is the point: IPv4 addresses are being rationed to the point where end users won't be able to get them any more. That's not *quite* the same thing as being out. IPv6 transition won't be mandatory, as long as you can do everything you want to do from behind NAT (as most users can).

NAT destroys the peer to peer nature of the network. It limits who can run servers of any type to those who are outside NAT.

Using NAT at the ISP level is basically evil and should not be considered when we are going to need to deploy IPv6 anyway.

It's necessary. There are still a lot of IPv4-only servers out there (like, for example, slashdot.org). If you deploy a v6-only network, then your users can't connect to them. You need something like NAT64 to allow v6 users to participate in the Internet. It's not a permanent solution, but it's better than just letting them communicate with the 0.02% of Internet hosts that have native IPv6 support...

Slashdot doesn't need more IP addresses, it already has enough IPv4 addresses. In any case we would likely get a better signal to noise ratio if slashdot was IPv6 only.

Yeah, while I hate being the part of the internet to first go through the crunch (though I've seen this coming for years), I am happy that IPv6 is finally going to be pushed through. Now that the Great Address Space Crunch is here!

I don't like your definition of out, since that's like saying "There's food in this cage, you can't eat it, but you're not out of food". To the hungry person, their effective quantity of available food, is nothing. Additionally, if we then implement APNIC's policy "Okay, it's not that you can't eat it. But we're going to give a tiny portion, to a few people, every now and then, such that this food may last an amazingly long time". By your measure, IPv4 may never run out. Sure, we can't get any more addresses, but there are addresses there, so, we're not out... right?

Their policy is to keep these allocations small, to provide for IPv4 to IPv6 services, so they are rationed out, this means that, IPv4 may NEVER run out, because by the time they go to allocate the last /22, which might be quite a long time from now (due to how slow this pool will drop), then IPv6 may be implemented and demand for IPv4 may dwindle.

But by your measure, we're not out. Sure, we're starving, but we're not out of food, it's just in that cage over there.

Scarcity principle at work sure, but the internet routing doesn't work nicely when networks start getting hugely segregated. If you start having thousands of different random IPs assigned to a provider rather than thousands of consecutive ones it leads to routing table madness. This barrier will likely prevent the cost skyrocketing quite as much as you imagine.

They are not allocating IPv4 to anyone but new ISPs and for IPv6 transition purposes. You cannot get IPv4 for normal use if you are an existing account holder. Even if you are eligible the most you get is 4 /24s.

This might have a really obvious answer, but is there any reason why mobiles necessarily need an IPv4 address? Surely they could get away with IPv6 and a bit of tunnelling. Hell, in the UK most mobiles share an IP anyway.

Sweet! You mean to say that all websites and application specific servers for mobile phones have been migrated to ipv6! Awesome!

Oh wait... hold on a second... Almost the entirety of the English speaking Internet still isn't on ipv6?

What's that you say? Not even friggin' slashdot?

I wonder if THAT is why.

Now having said that: Every computer I'm an admin for is 100% ipv6 compatible and all of my servers have AAAA dns records alongside their A records. I've even got a nice little OSPFv3 infrastructure running. It isn't friggin rocket surgery, but everyone is dragging their ass on the ground like the problem will become someone else's, when in reality it will shortly become everyone's. All of my efforts are in vain so long as there is a dearth of IPv6 accessible content.

By the by, are you running IPv6?

Lastly: For everyone who says that it is "hard" for large networks to migrate, and that they have to re-learn everything yadda yadda:

IPv6 is easier to work with on a large scale thanks to the simplified routing tables that it affords as well as the shotgun approach to address assignment. Every single link is a /64 at minimum (and maximum, given the number of addresses in a /64) and the blocks can be handed out ham-fistedly because of the mind boggling size of the space. If they have hardware that does not support ipv6 then they should blame themselves. Large network operators have NO EXCUSE. They knew this was coming and their profit margins are wide enough that they could have thrown money at it.

I had a lot of trouble with support to relaying using stateful DHCP servers which were required by the company I worked for. If all the important manufacturers are supporting this, then it shouldn't be a problem. Unluckily, I know at least that Juniper wasn't supporting this not too long ago, and I'm not sure Cisco. So it may not be a pain for infrastructure (ISP) or small companies that don't mind handling IPs using the stateless algorithm. But for some reason, some companies don't want to use that.

Not that I doubt that management is intransigent for reasons that they hold dear BUT... what does the stateful DHCP service provide them in the IPv6 context? What excuse are they pulling out to "require" this. I'm interested in knowing.

IPv6 operates above layer two. Switches of any kind whatsoever that *ahem* "support" ipv4 will also operate equally well with ipv6. Layer 3 "switches" notwithstanding, of course. Those are more closely related to routers than standard layer two switches.

As far as routers go: no, we don't shit money. We know how to type. Specifically we know how to type into our router's configuration to turn on ipv6. IPv6 routers are magical beasts carved out of unicorn ivory and powered by the souls of freshly deceased cob

And only hand out IPv4 to users that request it (pay extra), why? Because the manufacturers of network-hardware for mobile phone networks ask you to pay 2 times when you want IPv4 and IPv6. So the profit margin is all gone. So they'll eventually do anything to move most users over to IPv6 and translate that to IPv4 where needed.

Once Sprint runs out of address space they will HAVE to start putting users on NAT to service them. They will likely start putting new accounts behind NAT, leaving old accounts "grandfathered in". Users who NEED a real address (for NAT or certain services that need it) will likely have to sign up with an "enterprise" plan or something similar to get one.

That is what AT&T does; that's the difference between the "regular" and "enterprise" data plans. Regular = behind a NAT, enterpr

Ditto here. Vodafone Australia and my phone has a real publicly addressable IP. Wonder how much longer that can last though, considering Australia = APNIC, and they have just run out of addresses as per this article...

So no they don't need their own public IPv4 address and indeed I've never seen one that has one. However you do need IPv4 addresses to access stuff on the Internet. Regardless of if you do IPv4 NAT or if you do IPv6 with gateways to v4, you need the IPv4 addresses.

IPv4 addresses may be running out, but we can all look forward to supporting them forever in a second stack, running parallel to our IPv6 software, now and forever, for the rest of eternity, Amen.

Like how browsers all still having to cope with both Gopher and HTTP? Like Gopher, IPv4 will fade out, slowly. At some point, new networks will see no need to have an IPv4 address just for the tiny minority of users who would need it.

I know the problem is of a much greater magnitude, but it still doesn't require a

Gopher is not a good example. When a site already has an IPv4 address it has no incentive to offer it over IPv6 too, since v6 offers no technological benefit to the webhost. Conversely, a site that is only on IPv6 is not going to get any hits, so anyone that wants traffic needs an IPv4 address anyway. IPv4 is simply not going to go away because the people without an address are kicking up a fuss. I would guess that those people will be stuck in their own IPv6 world, while all the content worth viewing would still be on IPv4.

If a website has an IPv4 address, it may want to maintain that. If it doesn't, and the IPv4 addresses have dried up, it may not be possible to get one (or at least, it may be royally expensive). Similarly, tunneling from IPv6 to IPv4 is still very imperfect, meaning that once new devices and connections are on IPv6, your incentive to serve IPv6 is to not tick off your new users (which are usually the most profitable).

I suspect we will hit a tipping point, where new devices and connections happen via IPv6,

When does IPv4 not just run out, but get painfully expensive to acquire?

Indeed, at least in the west most home lusers still have public V4 IPs. I would expect ISPs to gradually reclaim those IPs for more lucrative customers and so it will be a while (possibly a decade) before the shortage really bites on western ISPs.

It is over in the east that things are REALLY going to get hairy with so many new users coming online that I would expect IP values to dramatically rise. ISP level nat will help to an extent but there are limits on the ratios that can practically be used. I would e

FWIW I live in an APNIC country (and my ISP) is already 100% migrated to dual stack. If your router supports it, home lusers will get a native IPv6 connection out of the box right now. Mine doesn't but I'm replacing it next week with one that does (I'm upgrading for reasons other than IPv6, it's just a nice bonus).

So it seems to me that cause the addresses are running out quicker in APNIC land than elsewhere that the ISPs here are more on the ball when it comes to IPv6 migration. Not all of them, but the go

Wasn't the whole point of IPv6 being essentially independent of IPv4 so that you COULD run dual stacks? Because it would be completely un-reasonable to be able to cut-over from one addressing protocol to another world wide in any reasonable fashion? So... yes, dual stacks for the next 20 years on main-stream devices, maybe 70-80 years for niche needs sounds reasonable to me.

Not really, X.25 networks had gone global (International Packet Switch Stream) at a time the Internet was still purely an American toy. The Internet became global because the rest of the world had got there first - hardware-wise, at least. All the early transatlantic links were IPSS lines re-purposed, as was all the early European Internet capability. The Americans got the software side first.

Since the modern Internet is a marriage between software and hardware, and not one or the other alone, the only fair conclusion is that it was a global invention with no nation being able to claim credit for being truly first.

The US invented the Internet. The Internet originally started as ARPANET, a research network designed by DARPA, Defense Advanced Research Projects Agency, an agency of the US Department of Defense. It started out as a link between a few US research universities and institutes. TCP/IP was then developed by Robert Kahn and Vint Cerf, working for DARPA. DARPA liked it and funded the development of the software to implement it.

After that various other government entities created TCP/IP networks based around ARPANET like the Department of Energy, the National Science Foundation and so on. Those unified into what became the Internet.

Now that is not to say it did not become a global endeavour. Around the time the Internet came to be, CERN made their own TCP network, CERNET, and then they started looking to link up with the US Internet and did so around 1989. Also CERN of course developed the basis of the world wide web. However the Internet itself started in the US.

That's why IANA, the ultimate top level controller of Internet numbers, is based in the US. It was created there to manage things on ARPANET.

You have to remember that nobody who was designing this was thinking "Global communications system that links every computer, every phone, every TV, etc on the planet." Such a concept was really pretty unimaginable. This was just an effort to get an efficient, interoperable network for linking big institutions.

So when IPs first started being handed out it was done inefficiently. If you were real big, you got a Class A (/8, 16 million), if you were moderately sized a Class B (/16, 65 thousand), if you were small you got a Class C (/24, 256). Companies like AT&T and IBM got entire Class As for themselves. Most of that went to US entities, since they were the only ones who could get on at the time. ARPANET and some of the other research networks like NSFNET that started all this were only for research institutions and public entities. So only universities, research labs (like SRI), the military, and companies involved in the research could get on and thus get addresses.

Yes, yes, all bad in hindsight but who knew the Internet would become what it has? It also is just how shit goes. You invent something, you get to have it your way.

Neil deGrasse Tyson calls it "naming rights" and shows how it happens when various cultures are on the top of their game R&D wise. The US invented the Internet, so they got to have things like .gov for their government sites. The US invented the telephone system so they get 1 as their country code. The British invented the post office so they don't have to put their country on stamps, everyone else does.

The Internet shows a lot of slant towards the US because it started there, and developed most fully there first. The US by far had (and still has) the most advanced Internet infrastructure. They invented it, they were there first and best, that is why it is theirs in many ways.

"That's why IANA, the ultimate top level controller of Internet numbers, is based in the US. It was created there to manage things on ARPANET."

You don't know what you're talking about. IANA wasn't "created", it's just a name Jon used for that particular task. A task done on contract for DARPA, later NSF. But Jon/IANA never had the authority you assert. Jon got frapped pretty hard by Ira Magaziner when Jon split the root (he put it back, real quick) and when IANA tried to declare what would happen with new t

Please fall over and die. You are the kind of 'engineer' that holds back all of humanity. There's no reason to not implement IPv6, and 'user unfriendly' may be the very worst excuse, since implementing IPv6 doesn't mean you can support IPv4 too.

Exactly! IPv6 support should "just work" and be transparent to the user.

If the user has to enter an IP address they will simply enter their quad notated IPv4 address like they always did. In case they are interfacing with an IPv6 network, well, not supporting IPv6 at all won't make that any easier now, will it? "You sound like a clueless:)"

Not only further along the learning curve, but further along in mass availability. Mass availability = low cost. Low cost = more attractive to customers. I thought America had learned (the hard way) what happens when you ship inferior, expensive products after their car industry collapsed and Japan pwned them. I also thought America had learned (the hard way) what happens when you start behind your competition after they were thrashed by the USSR in the early space race. Catching up was damn expensive.

I bought a cheapo asus wireless router for about $30 on amazon a year ago (sorry, don't remember the model number and I'm not home right now). It does ipv6 just fine. I actually bought it to put the smaller dd-wrt image on, and that's what I did as soon as it arrived, but it seems the dd-wrt firmware makes the router's CPU run too hot and my connection would become unreliable. But with the stock firmware it does a fine job for a basic home router. I was tempted to keep dd-wrt and mod the thing for better

"""Network Address Translation [wikipedia.org] could provide some relief I think...no?"""

No.

BACKGROUND:

NAT, in the way which can be used by ISPs to reduce the need for IP addresses, works by mapping multiple internal IP addresses to an external one (or groups of external ones). So say you have one thousand computers you need to keep online and you have only 100 addresses. NAT will allow you to logically map those 100 addresses to the one thousand computers.

NAT is able to do this by connection tracking. The router keeps in memory what connections were created with what external IP address and then routes the data from the reply back to the original host. So say my browser opens up a socket on 192.168.1.129:59343 and connects to Google on "www.google.com:80". The NAT router opens up a connection on 208.32.20.1:78190, connects to 'www.google.com:80'. When the machine listening on 'www.google.com:80' sends information back to 208.32.20.1:78190. Any data received on 208.32.20.1:78190 then automatically gets forwarded to 192.168.1.129:59343, which then is received by my browser.

WHY NAT IS FULL OF FAIL:

The reason that NAT + IPv4 is not a substitute for IPv6 is because the number of sockets that a router can open and manage is less than 16 bits. That is, the socket numbering scheme is a 16-bit scheme, of which a substantial number of sockets are reserved for specific protocols. That is, less than 60,000 possible connections can be made by a router with a single public IP address.

Each new connection made by a machine behind a new router requires a new socket established. Just by having 3 tabs on my browser right now I am using roughly 20 connections. Each connection is going to an ad provider, google, different slashdot.org servers, etc etc.

Say that an internet user is using about 50 active connections at any one time, then that means that 1 public address can only support about 1200 concurrent users. But it will break down long before that. People using bittorrent may use 300 TCP connections, which means that you can only support 100-200 users.

The other aspect of this is that there are not enough IPv4 addresses for internet routers. That is, a new ISP will run out of IP addresses long before they have even finished building their infrastructure!!! There wouldn't be enough addresses to even set up NAT routers!

This is taken care of by 'Carrier Grade NAT'. Which is you use NAT firewalls for your NAT firewall.

That is less than 60,000 possible connections can be made by a router with a single public IP address.

That depends on how clever the NAT is. Technically each server you talk to doesn't know what ports you are using to talk to other servers. So there is nothing stopping a nat using an internet side port to talk to multiple servers at the same time. Such a scheme will completely break any protocol that tries to do "nat traversal" but it should keep the basics working at very high user:IP ratios.

Still I would expect IPv6 to seep in if only to try and reduce the load on the big nats.
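An added example, not part of any poster's comment: a toy model of the two NAT behaviours argued over above, one external port per internal socket versus a port that only has to be unique per remote server. The class and function names, the 1024-65535 port range and all addresses are assumptions made for the illustration.

```python
# Added illustration: a toy source-NAT table for ONE public IPv4 address.
# All addresses are constructed (RFC 1918 / RFC 5737 ranges); the usable
# port range 1024-65535 is an assumption, real devices reserve differently.

PORT_LOW, PORT_HIGH = 1024, 65535
PORTS_PER_IP = PORT_HIGH - PORT_LOW + 1      # 64512 external ports


class PortExhausted(Exception):
    """Raised when no external port is left for a new mapping."""


class Nat:
    """per_destination=False: every internal socket consumes one external
    port, whatever it talks to. per_destination=True: a port only has to be
    unique per remote (ip, port), so it can be reused towards other servers."""

    def __init__(self, public_ip, per_destination=False):
        self.public_ip = public_ip
        self.per_destination = per_destination
        self.out = {}        # (internal socket, scope) -> external port
        self.back = {}       # (external port, scope) -> internal socket
        self.allocated = {}  # scope -> number of ports handed out so far

    def _scope(self, remote):
        return remote if self.per_destination else None

    def translate(self, internal, remote):
        """Outbound packet: return the (public ip, external port) it leaves from."""
        scope = self._scope(remote)
        key = (internal, scope)
        if key not in self.out:
            n = self.allocated.get(scope, 0)   # ports are never freed here
            if n >= PORTS_PER_IP:
                raise PortExhausted(f"{self.public_ip}: no port left")
            self.allocated[scope] = n + 1
            self.out[key] = PORT_LOW + n
            self.back[(PORT_LOW + n, scope)] = internal
        return self.public_ip, self.out[key]

    def inbound(self, ext_port, remote):
        """Inbound packet: return the internal socket, or None (dropped)."""
        return self.back.get((ext_port, self._scope(remote)))


def users_per_ip(conns_per_user):
    """Upper bound on users when every connection needs its own port."""
    return PORTS_PER_IP // conns_per_user


def fill(nat, conns_per_user, remotes, max_users=5000):
    """Add users until the NAT refuses a flow; return fully served users."""
    for user in range(max_users):
        host = f"10.{user // 250}.{user % 250}.2"
        try:
            for c in range(conns_per_user):
                nat.translate((host, 40000 + c), remotes[c % len(remotes)])
        except PortExhausted:
            return user
    return max_users


# 20 constructed web servers that every user connects to
REMOTES = [(f"198.51.100.{i}", 80) for i in range(1, 21)]

if __name__ == "__main__":
    print("50 conns/user :", users_per_ip(50), "users per public IP")
    print("300 conns/user:", users_per_ip(300), "users per public IP")
    print("one port per socket :", fill(Nat("203.0.113.1"), 50, REMOTES))
    shared = Nat("203.0.113.1", per_destination=True)
    print("port per destination:", fill(shared, 50, REMOTES), "(cap not reached)")

    nat = Nat("203.0.113.1", per_destination=True)
    web, peer = ("198.51.100.1", 80), ("198.51.100.9", 6881)
    _, port = nat.translate(("192.168.1.129", 59343), web)
    print("reply from the server :", nat.inbound(port, web))
    print("packet from a new peer:", nat.inbound(port, peer))  # None: dropped
```

With per-destination mappings the same external port belongs to different subscribers at the same moment, so tracing a flow back to a subscriber needs the destination as well as the external port and timestamp.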

The other big issue with NATs is traversal. You can't run bittorrent at all unless most hosts on the internet can be directly reached; it relies on peers being directly addressable.

When the NAT is on your home gateway, you (or your software) can instruct it to forward certain ports to certain hosts inside the NAT. When the NAT is run by the ISP, shared by hundreds of users, you can't do that - contention for the well known ports makes it impossible.

Unfortunately it's wrong in some places. Like listing the limitations based on the use of bittorrent. Bittorrent won't work if everyone in the swarm is NAT'd. NAT was the poor man's firewall for years because it hides the hosts. P2P can't work if everyone is hidden. There are some tricks that may work, but generally the actual number of people per address is higher than he indicated.

Additionally, if you read the article, they report that they are allowing 1000 addresses to new ISPs. If you can't set up a NAT-based ISP with 1000 addresses, then you shouldn't be setting up an ISP at all. You won't run out of addresses. In fact, there's nothing (other than violating the RFCs, which are as optional as the pirate laws) which would prevent you from setting up an entire ISP with millions of customers using one and only one public IP assigned to your equipment (the rest given RFC 1918 addresses). And even then, most often when you uplink you get the IP address from the carrier you uplink with. That leaves you with 1024 addresses to use for NAT (well, 1022 or less, depending on subnetting).

As such, his idealized 1200 per IP is probably closer to reality than his 100-200 number expecting everyone will be running P2P. So with 100 per IP, the worst case, they'll be able to handle 100,000 users. With the more realistic 1200, there can be more than a million users. They have more than 16k of those to give out, for a total amount of support with nat of 20 billion users. Oh, and if the worst-case 100 is used, that's still more than a billion people that could be supported on what's left there.

I'm a bit surprised that the parent was modded off topic. The fact is that when they were first passing out brains IP blocks 'way back when, most of Asia weren't players in the internet game. I recall a briefing from the beginning of the century stating that most of India was running behind a massive NAT gateway.... and thus suggesting that most Asian nations would be moving to ipv6 earlier than the OECD out of necessity.

So, yeah, APNIC is likely very motivated to go ipv6. But, don't discount the allure of

Why not? This is how the overwhelming majority of people interface with the internet anyway: content consumption. ipv6; by virtue of the reality of the fact we are not running it yet, appears to be a project failure in terms of its stated goal to supersede ipv4. We could press ahead with it, or consider alternatives such as NAT.

Most folk I know who need an IP address fall into one of two categories:

People who p2p fileshare. (Services like Skype and VOIP solve issue of NAT by having peer clients send c

ipv6 transition I fear is going to be massively disruptive over a period of at least 2 years and it is going to cost us all a lot of money

And NATing everything is not going to be disruptive and cost a lot of money?

Large scale NAT is a stopgap measure. It will simply delay exhaustion a few more years, maybe a decade. It is not a viable long term solution. Then once we're totally out of IPv4 space, we'll need to implement IPv6 or something similar anyway.

And NATing everything is not going to be disruptive and cost a lot of money?

NAT is already here and in widespread use in every small office and multi device household; whereas ipv6 is not. To insist some sort of cost equivalence between the two projects; where option one involves hacking an existing framework to extend the network's reach, vs swapping in a brand new network on a global scale; is just staggeringly irrational. By all means, have your ipv6 if it is so precious to you, but when you break, in probability, the internet during the transition stage, which our civilizatio

One difference: today, you're NAT'ing a real public IP address with a router over which you have direct control and can forward ports at will. If the NAT is being done by your ISP, and you're stuck NAT'ing a NAT'ed private IP address whose public IP is totally under the control of your ISP, things become enormously more complicated.

On the other hand, insofar as mobile devices go, NAT is almost a moot point, anyway. As far as I know, every EVDO and UMTS mobile phone on earth is effectively firewalled by carr

As far as I know, every EVDO and UMTS mobile phone on earth is effectively firewalled by carriers who won't forward inbound traffic anyway, so mobile phones might as *well* be NAT'ed since having a public IP address does them no good, anyway.

Mobile Phones ARE NATed as far as I know. MY UMTS-ATT phone has a 10.11.x.x IP no matter where I am.

The non-forward of inbound traffic is pretty much a godsend if you ask me. I can't imagine the howl of protest for being forced to pay bandwidth charges for every script-kiddy trying to hack my phone. The Sleeping TCP socket trick used by various push services from Apple/Google/Exchange, et al, accomplishes what is needed in terms of inbound traffic.

IPs aren't UUIDs as such but they aren't really that hierarchical either. They are handed out by the RIRs in various size blocks and each of those blocks (and sometimes even sub-blocks of it) ends up in the global routing table. Very small providers will take a portion of one of their providers' blocks but most bigger organisations will have their own block(s).

Running out of space in routing tables is a potential issue but at least so far the vendors have been able to keep up with routing table growth.

The vast majority of home PCs *are* behind a NAT. What the vast majority of home PCs are not going to work behind properly is a double NAT, and a trend towards that will fundamentally break the future development of a whole host of user-centric applications. You can more or less kiss the idea of peer-to-peer anything goodbye.

You must be one of those people who wants the Internet to be like TV -- for "consumers" and "viewers" only.

For people, like me, who have to actually manage networks, NAT is one of the worst things that happened in networking that we still have to deal with. You end up with two sets of DNS for each company, public and private IP networks to manage, firewalls and routers doing additional processing that is wasting CPU and memory.

NAT also severely restricts the capabilities of what is possible on the Internet. It firmly gives control to those with public addresses (big companies) and takes it away from individual users.

But many IP devices do not have a built-in firewall, so you -still- want to run a border router firewall right? And if every machine is behind your border router, then those limitations are still going to apply. So you want to let certain traffic in to certain hosts. Some hosts are dmz, some hosts are very private, and some are in the middle. It's still a lot to manage. The only thing it solves is peer-to-peer communications right? But you are going to have to deal on a host by host and service by

1. Individual users have and will continue to have real IP addresses. Their toasters and refrigerators do not. Single IP address is sufficient for peer to peer communication, as countless products (that actually work) had shown.

No, absolutely incorrect. Out of IPs means OUT OF IPs... It means in some part of the world you may not even see a single address to run any servers of any kind... What you will get is a shared IP on a CGN with all incoming requests silently discarded by the ISP CGN... This will be reality for countless millions in the developing world in the next few years.

NAT is a solution to address depletion in the same manner that increasing the debt cap is a solution to the US national deficit.

NAT, to a networking professional, is an abomination. It functions literally by breaking TCP/IP and lying to network neighbors. It functions by breaking the rules networks are designed and intended to play by, and overuse of NAT prevents any intelligence in routing and networking. Imagine if mailing addresses were limited in the same manner. Everything is a PO Box. Now imagine several layers of PO Boxes have to be traversed for anything to be delivered.

Moving to IPv6 is the right way to fix this. It's not easy, but it's the right way to do it.

Address shortages are a very, very, very tiny, minuscule fraction of IPv6. If IPv6 was about address shortages, the IPng working group would have adopted TUBA.

You seem unwilling to even recognize any of the other features of IPv6:

Built-in security

Built-in device mobility

Built-in network mobility

Built-in multimedia support

Extensible headers for dynamic protocol upgrades

Auto-configuration

Reduced latency

Improved router reliability (partly due to simpler routing protocols)

Native multicasting

Native anycasting

Superior QoS support

Don't even think of coming back with "but nobody uses these" - nobody was driving until the car was adopted either. Things have a habit of not being used when they're not available. When they are available, they are used. It's as simple as that.

While I'm a fan of some of those arguments, a couple of them are horseshit. It would be good if the IPv6 fans stopped using the silly ones.

Built-in security: you're either referring to difficulty of scanning due to size (which few worms or attackers bother with anymore) or the notion of IPSec having its own header type (which is useless without a key distribution system). Neither is really worth writing home about.

Auto-configuration: Any actual operational network is going to need DHCPv6 anyway, so autocon

IPv4 has auto-configuration. It's not very good, and doesn't work for actually giving you a usable computer, but it was intended so that people setting up a LAN could do so without having a DHCP server. But in practice, people just use static addressing instead...

IPv6 doesn't have a lot of IPs to have a crap ton of devices, it has a ton of IPs to allow better organization of networks. In one breath you talk about how bad IPv6 is, and in another you praise NAT. NAT isn't even a standard, it's a hack of a bandaid for the problems IPv4 has caused. Claiming NAT works fine is like claiming IE6 works fine, it's insecure and breaks stuff.

Even without the extra addresses, IPv6 is at worst as good as v4 and at best slightly better. The only thing the IP protocol is used for is